Exemplo n.º 1
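def callback(id):
    """
    Return the product_class row whose primary key is ``id``.

    ``id`` is coerced to ``int`` before it is placed in the SQL text, so a
    non-numeric value is rejected instead of being concatenated into the
    statement (SQL injection).

    Returns the ``web_helper.return_msg`` payload: code 0 with the first row
    on success, code -1 when ``id`` is not an integer or no row is found.
    """
    try:
        record_id = int(id)
    except (TypeError, ValueError):
        # Anything that is not a plain integer never reaches the database.
        return web_helper.return_msg(-1, '')

    # NOTE(review): db_helper.read is only seen here with a single SQL-string
    # argument; if it also accepts bound parameters, pass the id that way
    # rather than formatting it into the statement.
    sql = 'select * from product_class where id=%d' % record_id
    rows = db_helper.read(sql)
    if rows:
        return web_helper.return_msg(0, '成功', rows[0])
    return web_helper.return_msg(-1, '')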
Exemplo n.º 2
def callback(id):
    """
    Return the menu tree for the position ``id``, with every menu entry the
    position is already granted marked as checked.
    """
    # Check the current user's permission
    _common_logic.check_user_power()

    menu_logic = menu_info_logic.MenuInfoLogic()
    # The ztree control needs these columns: record id, parent id, node name,
    # whether the node is expanded and whether it is ticked
    result = menu_logic.get_list('id, parent_id, name, not is_leaf as open, false as checked')
    if not (result and result.get('rows')):
        return web_helper.return_msg(-1, "查询失败")

    # Load the requested position record
    position = positions_logic.PositionsLogic().get_model_for_cache(id)
    if position:
        # Permission string of the position: menu ids wrapped in commas
        granted = position.get('page_power', '')
        for row in result.get('rows'):
            # A menu id found in the permission string means the position
            # holds that permission, so the tree node is ticked
            needle = ',' + str(row.get('id', 0)) + ','
            if needle in granted:
                row['checked'] = True

    return web_helper.return_msg(0, "成功", {'tree_list': result.get('rows')})
Exemplo n.º 3
def callback(id):
    """
    Update the product record ``id`` from the submitted form.
    """
    # NOTE(review): no permission check is visible in this handler; confirm
    # that access control is enforced before it is reached.

    name = web_helper.get_form('name', '产品名称')
    code = web_helper.get_form('code', '产品编码')
    product_class_id = convert_helper.to_int0(web_helper.get_form('product_class_id', '产品分类'))
    standard = web_helper.get_form('standard', '产品规格')
    quality_guarantee_period = web_helper.get_form('quality_guarantee_period', '保质期')
    place_of_origin = web_helper.get_form('place_of_origin', '产地')
    front_cover_img = web_helper.get_form('front_cover_img', '封面图片')
    # The description is read with the special-character check switched off,
    # so it is cleaned explicitly below.
    raw_content = web_helper.get_form('content', '产品描述', is_check_special_char=False)
    # Strip single quotes (the original author's SQL-injection precaution).
    # NOTE(review): the values are handed to db_helper.write separately from
    # the statement, so this stripping should not be the injection defence.
    unquoted = string_helper.filter_str(raw_content, "'")
    # XSS clean-up of the rich-text content
    content = string_helper.clear_xss(unquoted)
    is_enable = convert_helper.to_int0(web_helper.get_form('is_enable', '是否启用'))

    # Statement with one placeholder per value; ``returning id`` reports the
    # row that was changed
    statement = """
          update product
            set name=%s, code=%s, product_class_id=%s, standard=%s, quality_guarantee_period=%s,
                place_of_origin=%s, front_cover_img=%s, content=%s, is_enable=%s
          where id=%s returning id"""
    params = (
        name,
        code,
        product_class_id,
        standard,
        quality_guarantee_period,
        place_of_origin,
        front_cover_img,
        content,
        is_enable,
        id,
    )
    # Write to the database
    result = db_helper.write(statement, params)
    # Success means a row came back carrying its id
    if not (result and result[0].get('id')):
        return web_helper.return_msg(-1, "提交失败")
    return web_helper.return_msg(0, '成功')
Exemplo n.º 4
def callback():
    """
    Create a new position (role) record from the submitted form.
    """
    # Check the current user's permission
    _common_logic.check_user_power()

    name = web_helper.get_form('name', '角色名称')
    raw_department_id = web_helper.get_form('department_id', '部门id')
    department_id = convert_helper.to_int0(raw_department_id)
    page_power = web_helper.get_form('page_power', '权限列表', is_check_null=False)

    # The department must exist before a position can be attached to it
    department = department_logic.DepartmentLogic().get_model_for_cache(department_id)
    if not department:
        return web_helper.return_msg(-1, "部门不存在")

    positions = positions_logic.PositionsLogic()
    # Column values for the new row; department code and name are copied
    # from the department record
    fields = {
        'name': string(name),
        'department_id': department_id,
        'department_code': string(department.get('code', '')),
        'department_name': string(department.get('name', '')),
        'page_power': string(page_power),
    }
    # Insert the record and report the outcome as JSON
    if positions.add_model(fields):
        return web_helper.return_msg(0, '提交成功')
    return web_helper.return_msg(-1, "提交失败")
Exemplo n.º 5
def callback():
    """
    Create a new product record from the submitted form.
    """
    # NOTE(review): no permission check is visible in this handler; confirm
    # that access control is enforced before it is reached.
    name = web_helper.get_form('name', '产品名称')
    code = web_helper.get_form('code', '产品编码')
    product_class_id = convert_helper.to_int0(web_helper.get_form('product_class_id', '产品分类'))
    standard = web_helper.get_form('standard', '产品规格')
    quality_guarantee_period = web_helper.get_form('quality_guarantee_period', '保质期')
    place_of_origin = web_helper.get_form('place_of_origin', '产地')
    front_cover_img = web_helper.get_form('front_cover_img', '封面图片')
    # The description is read with the special-character check switched off,
    # so it is cleaned explicitly below.
    raw_content = web_helper.get_form('content', '产品描述', is_check_special_char=False)
    # Strip single quotes (the original author's SQL-injection precaution).
    # NOTE(review): the values are handed to db_helper.write separately from
    # the statement, so this stripping should not be the injection defence.
    unquoted = string_helper.filter_str(raw_content, "'")
    # XSS clean-up of the rich-text content
    content = string_helper.clear_xss(unquoted)
    is_enable = convert_helper.to_int0(web_helper.get_form('is_enable', '是否启用'))

    # ``returning id`` makes the insert hand back the new row's
    # auto-increment id
    statement = """insert into product (name, code, product_class_id, standard, quality_guarantee_period,
                place_of_origin, front_cover_img, content, is_enable)
              values (%s, %s, %s, %s, %s, %s, %s, %s, %s) returning id"""
    params = (
        name,
        code,
        product_class_id,
        standard,
        quality_guarantee_period,
        place_of_origin,
        front_cover_img,
        content,
        is_enable,
    )
    # Write to the database
    result = db_helper.write(statement, params)
    # Success means a row came back carrying its id
    if not (result and result[0].get('id')):
        return web_helper.return_msg(-1, "提交失败")
    return web_helper.return_msg(0, '成功')
Exemplo n.º 6
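    def register():
        """
        Create a user account from the submitted registration form.

        Reads ``username``, ``password`` and ``email`` from ``request.form``,
        refuses a user name that is already taken or any empty field, and
        otherwise stores a new ``User`` with a freshly generated UUID.

        Returns the ``web_helper.return_msg`` payload describing the outcome.
        """
        db = repository.GetSession()
        name = request.form.get('username')
        password = request.form.get('password')
        email = request.form.get('email')

        existing = db.query(User).filter_by(username=name).first()
        # Debug trace of the attempt. The password is deliberately left out:
        # credentials must never be written to stdout or to log files.
        print(type(name), name, email)

        # NOTE(review): every failure below answers with code 0, the same code
        # as success; callers can only tell them apart by the message text.
        if existing:
            return web_helper.return_msg(0, '输入注册用户名已存在')
        if not name:
            return web_helper.return_msg(0, '输入注册用户名为空')
        if not password:
            return web_helper.return_msg(0, '输入注册密码为空')
        if not email:
            return web_helper.return_msg(0, '输入注册邮箱为空')

        # NOTE(review): the password is stored exactly as submitted. It should
        # be stored as a salted, slow password hash instead; that has to be
        # changed together with the code that verifies logins, which is not
        # visible here.
        user = User(username=name,
                    password=password,
                    email=email,
                    userId=str(uuid.uuid4()))
        db.add(user)
        db.commit()
        flash('注册成功')
        return web_helper.return_msg(0, '用户注册成功')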
Exemplo n.º 7
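def callback(id):
    """
    Update the department record ``id`` from the submitted form.

    When no sort value is submitted, the record is placed after the last
    sibling: the largest ``sort`` under the same parent, plus one.

    Returns the ``web_helper.return_msg`` payload: code 0 with the result of
    ``edit_model`` on success, code -1 otherwise.
    """
    # Check the current user's permission
    _common_logic.check_user_power()

    name = web_helper.get_form('name', '部门名称')
    parent_id = convert_helper.to_int0(web_helper.get_form('parent_id', '父id', is_check_null=False))
    sort = convert_helper.to_int0(web_helper.get_form('sort', '排序', is_check_null=False))
    is_leaf = web_helper.get_form('is_leaf', '是否最终节点', is_check_null=False)

    _department_logic = department_logic.DepartmentLogic()
    # No sort submitted: take the largest sort among the siblings plus one.
    # The maximum has to be taken over the ``sort`` column; taking it over
    # ``parent_id`` (as before) only ever yields the parent id itself.
    # parent_id has been converted with to_int0 before it is concatenated
    # into the condition text.
    if sort == 0:
        sort = _department_logic.get_max('sort', 'parent_id=' + str(parent_id)) + 1

    # Columns to update
    fields = {
        'name': string(name),
        'sort': sort,
        'is_leaf': is_leaf,
    }
    # Update the record
    result = _department_logic.edit_model(id, fields)
    if result:
        return web_helper.return_msg(0, '提交成功', result)
    return web_helper.return_msg(-1, "提交查询失败")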
Exemplo n.º 8
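def callback(id):
    """
    Update the position (role) record ``id`` from the submitted form.

    The submitted department id must match the department the position
    already belongs to; a position cannot be moved by this handler.

    Returns the ``web_helper.return_msg`` payload: code 0 with the result of
    ``edit_model`` on success, code -1 when the position does not exist, the
    department does not match, or the update fails.
    """
    # Check the current user's permission
    _common_logic.check_user_power()

    name = web_helper.get_form('name', '角色名称')
    department_id = convert_helper.to_int0(
        web_helper.get_form('department_id', '部门id'))
    page_power = web_helper.get_form('page_power', '权限列表', is_check_null=False)
    # A lone comma is an empty permission list
    if page_power == ',':
        page_power = ''

    _positions_logic = positions_logic.PositionsLogic()
    positions_result = _positions_logic.get_model_for_cache(id)
    # An unknown id gives no record to compare against; answer with an error
    # instead of failing on ``.get`` of an empty result.
    if not positions_result:
        return web_helper.return_msg(-1, '角色不存在')
    if department_id != positions_result.get('department_id'):
        return web_helper.return_msg(-1, '该角色所属部门错误,请与管理员联系')

    # Columns to update
    fields = {
        'name': string(name),
        'page_power': string(page_power),
    }

    # Update the record and report the outcome as JSON
    result = _positions_logic.edit_model(id, fields)
    if result:
        return web_helper.return_msg(0, '提交成功', result)
    return web_helper.return_msg(-1, "提交失败")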
Exemplo n.º 9
def callback():
    """
    Update the information record with id 1 (cover image and content).
    """
    # Check the current user's permission
    _common_logic.check_user_power()

    front_cover_img = web_helper.get_form('front_cover_img', '图片')
    # The content is read with the special-character check switched off, so
    # it is cleaned explicitly below.
    raw_content = web_helper.get_form('content', '内容', is_check_special_char=False)
    # Strip single quotes (the original author's SQL-injection precaution)
    unquoted = string_helper.filter_str(raw_content, "'")
    # XSS clean-up of the rich-text content
    content = string_helper.clear_xss(unquoted)

    fields = {
        'front_cover_img': string(front_cover_img),
        'content': string(content),
    }
    # Update the record
    updated = infomation_logic.InfomationLogic().edit_model(1, fields)
    if not updated:
        return web_helper.return_msg(-1, "提交失败")
    return web_helper.return_msg(0, '成功')
Exemplo n.º 10
def callback():
    """
    Build the main page's menu HTML for the current user.

    Only menu entries whose id appears in the permission string of the
    user's position are rendered. Returns the ``web_helper.return_msg``
    payload: code 0 with ``menu_html``, code -404 when no permission string
    can be obtained for the session, code -1 when the menu query fails.
    """
    # Check the current user's permission
    _common_logic.check_user_power()

    # Load the permission string of the current user's position
    session = web_helper.get_session()
    if session:
        _positions_logic = positions_logic.PositionsLogic()
        page_power = _positions_logic.get_page_power(session.get('positions_id'))
    else:
        page_power = ''
    # No session, or no permission string: answered as an expired login
    if not page_power:
        return web_helper.return_msg(-404, '您的登录已超时,请重新登录')

    _menu_info_logic = menu_info_logic.MenuInfoLogic()
    # Read the menu records
    result = _menu_info_logic.get_list('*', 'is_show and is_enabled', orderby='sort')
    if result:
        # Accumulates the HTML that is finally returned
        html = ''
        # NOTE(review): id, icon, name and page_url are interpolated into the
        # markup below without HTML escaping, so whatever is stored in the
        # menu table is emitted as markup. Confirm these columns are
        # validated when written, or escape name and page_url here (icon
        # looks like it is meant to carry a character entity — confirm).
        for model in result.get('rows'):
            # Skip entries the position has no permission for
            if ',' + str(model.get('id')) + ',' in page_power:
                # Top-level menus have parent_id 0
                if model.get('parent_id') == 0:
                    # Open the top-level menu
                    temp = """
                    <dl id="menu-%(id)s">
                        <dt><i class="Hui-iconfont">%(icon)s</i> %(name)s<i class="Hui-iconfont menu_dropdown-arrow">&#xe6d5;</i></dt>
                        <dd>
                            <ul>
                    """ % {'id': model.get('id'), 'icon': model.get('icon'), 'name': model.get('name')}
                    html = html + temp

                    # Pick this top-level menu's children out of all records
                    for sub_model in result.get('rows'):
                        # Skip entries the position has no permission for
                        if ',' + str(sub_model.get('id')) + ',' in page_power:
                            # A record whose parent id is this menu's id is one of its children
                            if sub_model.get('parent_id') == model.get('id'):
                                temp = """
                                <li><a data-href="%(page_url)s" data-title="%(name)s" href="javascript:void(0)">%(name)s</a></li>
                            """ % {'page_url': sub_model.get('page_url'), 'name': sub_model.get('name')}
                                html = html + temp

                    # Close the top-level menu
                    temp = """
                            </ul>
                        </dd>
                    </dl>
                        """
                    html = html + temp

        return web_helper.return_msg(0, '成功', {'menu_html': html})
    else:
        return web_helper.return_msg(-1, "查询失败")
Exemplo n.º 11
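def post_CheckLogin():
    """
    Report whether the current request belongs to a logged-in session.

    A session counts as logged in only when it exists and holds a non-empty
    ``login_name``. Returns the ``web_helper.return_msg`` payload: code 0
    when logged in, code -1 otherwise.
    """
    s = web_helper.get_session()
    # A missing session, a missing 'login_name' key (None) and an empty
    # string all mean "not logged in". Comparing only against "" would let a
    # session without the key pass, because None != "".
    userName = s.get('login_name') if s else None
    if userName:
        return web_helper.return_msg(0, '验证成功')
    return web_helper.return_msg(-1, '用户未登录')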
Exemplo n.º 12
def callback():
    """
    Return the information record selected by the condition ``id=1``.
    """
    record = infomation_logic.InfomationLogic().get_model('id=1')
    if not record:
        return web_helper.return_msg(-1, "查询失败")
    return web_helper.return_msg(0, '成功', record)
Exemplo n.º 13
def callback(id):
    """
    Update the name and enabled flag of the product_class row ``id``.
    """
    # NOTE(review): no permission check is visible in this handler; confirm
    # that access control is enforced before it is reached.
    name = web_helper.get_form('name', '', False)
    raw_flag = web_helper.get_form('is_enable', '', False)
    is_enable = convert_helper.to_int_default(raw_flag, 0)

    # Named placeholders; the values travel separately in ``par``
    statement = '''update product_class set name=%(name)s ,is_enable=%(is_enable)s where id=%(id)s returning id'''
    par = {'name': name, 'is_enable': is_enable, 'id': id}

    if not db_helper.write(statement, par):
        return web_helper.return_msg(-1, '失败')
    return web_helper.return_msg(0, '成功')
Exemplo n.º 14
def callback(id):
    """
    Return the product record whose primary key is ``id``.
    """
    # ProductLogic is the access class for the product table;
    # get_model_for_pk() fetches the record entity by primary key
    product = product_logic.ProductLogic().get_model_for_pk(id)
    if not product:
        return web_helper.return_msg(-1, "查询失败")
    return web_helper.return_msg(0, '查询成功', product)
Exemplo n.º 15
def callback():
    """
    Create a product_class row from the submitted name and enabled flag.
    """
    # NOTE(review): no permission check is visible in this handler; confirm
    # that access control is enforced before it is reached.
    name = web_helper.get_form('name', '', False)
    raw_flag = web_helper.get_form('is_enable', '', False)
    is_enable = convert_helper.to_int_default(raw_flag, 0)

    # Named placeholders; the values travel separately in ``par``
    statement = '''insert into product_class (name,is_enable) VALUES (%(name)s,%(is_enable)s) returning id'''
    par = {'name': name, 'is_enable': is_enable}
    if not db_helper.write(statement, par):
        return web_helper.return_msg(-1, '失败')
    return web_helper.return_msg(0, '成功')
Exemplo n.º 16
def callback():
    """
    Return the infomation row with id 2.
    """
    # Fixed statement, no request data involved
    query = 'select * from infomation where id = 2'
    rows = db_helper.read(query)
    if not rows:
        return web_helper.return_msg(-1, "查询失败")
    # The first row is sent back as JSON
    return web_helper.return_msg(0, '成功', rows[0])
Exemplo n.º 17
def record():
    """
    Store one search record: submitted name, admission card number and the
    client IP address.
    """
    name = web_helper.get_form('name', '姓名为空', False)
    cardno = web_helper.get_form('cardno', '准考证号为空', False)
    ip = web_helper.get_ip()
    # NOTE(review): this trace writes personal data (name, card number, IP)
    # to stdout; consider dropping it or masking the values.
    print(name, cardno, ip)

    # Named placeholders; the values travel separately in ``par``
    statement = '''insert into searchrecord (name,cardno,ip) VALUES (%(name)s,%(cardno)s,%(ip)s) returning id'''
    par = {'name': name, 'cardno': cardno, 'ip': ip}
    if not db_helper.write(statement, par):
        return web_helper.return_msg(-1, '失败')
    return web_helper.return_msg(0, '成功')
Exemplo n.º 18
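def callback(id):
    """
    Return the product_class row whose primary key is ``id``.

    ``id`` is coerced to ``int`` before it is placed in the SQL text, so a
    non-numeric value is rejected instead of being concatenated into the
    statement (SQL injection).

    Returns the ``web_helper.return_msg`` payload: code 0 with the first row
    on success, code -1 when ``id`` is not an integer or no row is found.
    """
    try:
        record_id = int(id)
    except (TypeError, ValueError):
        # Anything that is not a plain integer never reaches the database.
        return web_helper.return_msg(-1, "查询失败")

    # NOTE(review): db_helper.read is only seen here with a single SQL-string
    # argument; if it also accepts bound parameters, pass the id that way
    # rather than formatting it into the statement.
    sql = 'select * from product_class where id = %d' % record_id
    # Read the record
    rows = db_helper.read(sql)
    if rows:
        # The first row is sent back as JSON
        return web_helper.return_msg(0, '成功', rows[0])
    return web_helper.return_msg(-1, "查询失败")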
Exemplo n.º 19
def callback():
    """
    Return the infomation row with id 1, read through a PgHelper context.
    """
    # Fixed statement, no request data involved
    query = 'select * from infomation where id = 1'
    # The helper is used as a context manager around the single query
    with db_helper.PgHelper(db_config.DB, db_config.IS_OUTPUT_SQL) as db:
        rows = db.execute(query)
    if not rows:
        return web_helper.return_msg(-1, "查询失败")
    # The first row is sent back as JSON
    return web_helper.return_msg(0, '成功', rows[0])
Exemplo n.º 20
def callback():
    """
    Return the user_log rows with id 4.
    """
    # Fixed statement, no request data involved
    query = 'select * from user_log WHERE id=4 ORDER BY id DESC'
    rows = db_helper.read(query)
    if not rows:
        return web_helper.return_msg(-1, "查询失败")
    # NOTE(review): debug trace of the log rows on stdout
    print(rows)
    # The whole result is sent back as JSON
    return web_helper.return_msg(0, '成功', rows)
Exemplo n.º 21
def callback(id):
    """
    Return the department record ``id``.
    """
    # Check the current user's permission
    _common_logic.check_user_power()

    # Read the record through the department logic class
    department = department_logic.DepartmentLogic().get_model_for_cache(id)
    if not department:
        return web_helper.return_msg(-1, "查询失败")
    return web_helper.return_msg(0, '成功', department)
Exemplo n.º 22
def callback():
    """
    Return the department list as tree rows.
    """
    # Check the current user's permission
    _common_logic.check_user_power()

    # Columns for the tree: id, parent id, name and the expanded flag
    listing = department_logic.DepartmentLogic().get_list('id, parent_id, name, not is_leaf as open')
    if not listing:
        return web_helper.return_msg(-1, "查询失败")
    return web_helper.return_msg(0, "成功", {'tree_list': listing.get('rows')})
Exemplo n.º 23
def callback(id):
    """
    Delete the product record ``id``.
    """
    # NOTE(review): no permission check is visible in this delete handler;
    # confirm that access control is enforced before it is reached.
    # The id is passed as a parameter, separately from the statement
    statement = 'delete from product where id=%s returning id'
    params = (id,)
    # Write to the database
    deleted = db_helper.write(statement, params)
    # A falsy result is reported as a failed delete
    if not deleted:
        return web_helper.return_msg(-1, "删除失败")
    return web_helper.return_msg(0, '成功')
Exemplo n.º 24
def callback():
    """
    Return the non-leaf menu entries as tree rows, ordered by sort.
    """
    # Check the current user's permission
    _common_logic.check_user_power()

    menu_logic = menu_info_logic.MenuInfoLogic()
    # Fixed column list, condition and ordering; no request data involved
    listing = menu_logic.get_list(
        'id, parent_id, name, not is_leaf as open',
        'is_leaf=false',
        orderby='sort asc',
    )
    if not listing:
        return web_helper.return_msg(-1, "查询失败")
    return web_helper.return_msg(0, "成功", {'tree_list': listing.get('rows')})
Exemplo n.º 25
def callback(id):
    """
    Return the menu record ``id``.
    """
    # Check the current user's permission
    _common_logic.check_user_power()

    # Read the record through the menu logic class
    menu = menu_info_logic.MenuInfoLogic().get_model_for_cache(id)
    if not menu:
        return web_helper.return_msg(-1, "查询失败")
    return web_helper.return_msg(0, '成功', menu)
Exemplo n.º 26
def callback():
    """
    Create a new menu record from the submitted form.
    """
    # Check the current user's permission
    _common_logic.check_user_power()

    name = web_helper.get_form('name', '菜单名称')
    # icon and interface_url are read with the special-character check
    # switched off and then cleaned by removing a fixed set of characters.
    # NOTE(review): this is a deny-list; characters such as '<', '>' and '"'
    # are not removed here, and the menu values are later placed into HTML.
    icon = web_helper.get_form('icon', '菜单小图标', True, 10, False, is_check_special_char=False)
    for banned in ('\'', '|', '%'):
        icon = icon.replace(banned, '')
    page_url = web_helper.get_form('page_url', '页面URL', is_check_null=False)
    interface_url = web_helper.get_form('interface_url', '接口url', is_check_null=False, is_check_special_char=False)
    for banned in ('@', '\'', '|', '%'):
        interface_url = interface_url.replace(banned, '')
    parent_id = convert_helper.to_int0(web_helper.get_form('parent_id', '父id', is_check_null=False))
    sort = convert_helper.to_int0(web_helper.get_form('sort', '排序', is_check_null=False))
    is_leaf = web_helper.get_form('is_leaf', '是否最终节点', is_check_null=False)
    is_show = web_helper.get_form('is_show', '是否显示', is_check_null=False)
    is_enabled = web_helper.get_form('is_enabled', '是否启用', is_check_null=False)

    menu_logic = menu_info_logic.MenuInfoLogic()
    # Depth of the new entry: 0 for a root entry, else one below its parent
    level = 0 if parent_id == 0 else menu_logic.get_value_for_cache(parent_id, 'level') + 1
    # No sort submitted: take the largest sort among the siblings plus one
    # (parent_id has been converted with to_int0 before concatenation)
    if sort == 0:
        sort = menu_logic.get_max('sort', 'parent_id=' + str(parent_id)) + 1

    # Column values for the new row
    fields = {
        'name': string(name),
        'icon': string(icon),
        'page_url': string(page_url),
        'interface_url': string(interface_url),
        'parent_id': parent_id,
        'sort': sort,
        'level': level,
        'is_leaf': is_leaf,
        'is_show': is_show,
        'is_enabled': is_enabled,
    }
    # Insert the record
    if not menu_logic.add_model(fields):
        return web_helper.return_msg(-1, "提交失败")
    return web_helper.return_msg(0, '提交成功')
Exemplo n.º 27
def callback(id):
    """
    Delete the product record ``id``.
    """
    # Check the current user's permission
    _common_logic.check_user_power()

    # ProductLogic is the access class for the product table
    deleted = product_logic.ProductLogic().delete_model(id)
    # A falsy result is reported as a failed delete
    if not deleted:
        return web_helper.return_msg(-1, "删除失败")
    return web_helper.return_msg(0, '成功')
Exemplo n.º 28
def callback(id):
    """
    Return the position (role) record ``id``.
    """
    # Check the current user's permission
    _common_logic.check_user_power()

    # Read the record through the positions logic class
    position = positions_logic.PositionsLogic().get_model_for_cache(id)
    if not position:
        return web_helper.return_msg(-1, "查询失败")
    # The record is sent back as JSON
    return web_helper.return_msg(0, '成功', position)
Exemplo n.º 29
def uploadArtical():
    """
    Insert a new article or update an existing one from the submitted form.

    Title and tag arrive base64-encoded and are decoded to UTF-8 text; the
    body is stored as submitted, with spaces turned back into '+'. The form
    field ``new`` selects insert ("n") or update (anything else).
    """
    # NOTE(review): no permission check is visible in this handler, and the
    # update branch lets the caller pick the row through the submitted id;
    # confirm that access control is enforced before it is reached.
    uid = web_helper.get_form('id', '主键(时间戳)')
    # Spaces are restored to '+' before decoding (a '+' in a form value is
    # presumably turned into a space in transit — confirm).
    # NOTE(review): b64decode raises on malformed input and the error is not
    # handled here.
    encoded_title = web_helper.get_form('tit', '标题').replace(" ", "+")
    tit = str(base64.b64decode(encoded_title), "utf-8")
    txt = web_helper.get_form('txt', '内容').replace(" ", "+")
    encoded_tag = web_helper.get_form('tip', '标签').replace(" ", "+")
    tip = str(base64.b64decode(encoded_tag), "utf-8")
    newArt = web_helper.get_form('new', '是否是新文章')

    # Both statements use placeholders; the values travel separately
    if "n" == newArt:
        statement = """
             insert into "articaltable" ("id", "artical_name", "artical_type", "likesnum", "answernum", "readnum", "artical") 
             values (%s, %s, %s, 0, 0, 0, %s)
        """
        data = (uid, tit, tip, txt)
    else:
        statement = """
            UPDATE "articaltable" 
            SET "artical_name"= %s, "artical_type"= %s, "artical" = %s  
            WHERE id=%s;
        """
        data = (tit, tip, txt, uid)
    beTip = db_helper.write(statement, data)
    # NOTE(review): debug trace of the full article content on stdout
    print(beTip, uid, tit, txt, tip)
    # NOTE(review): the failure test compares against the string "False";
    # if db_helper.write reports failure with a boolean or an empty value
    # this never matches — confirm. The message also reads "upload
    # succeeded" for both codes.
    status = -1 if (beTip == "False") else 0
    return web_helper.return_msg(status, '上传成功')
Exemplo n.º 30
def ArticalList():
    """
    Return every article's id, name, type and counters (likes, answers,
    reads) from articaltable.
    """
    # Fixed statement, no request data involved
    query = """
       select "id", "artical_name", "artical_type", "likesnum", "answernum", "readnum" from "articaltable"
    """
    rows = db_helper.read(query)
    # NOTE(review): debug trace of the result on stdout; the response code is
    # 0 whether or not the read returned anything.
    print(rows)
    return web_helper.return_msg(0, '获取成功', rows)